<?php
	session_start();
	include("load-settings.php");

	if(!isset($_SESSION['user']))
		header("Location: login.php");

	$user = $_SESSION['user'];

	$result = mysql_query("SELECT * FROM user WHERE id = $user");
	$row = mysql_fetch_array($result);
	$access = $row['type'];

	if($access != 2)
		header("Location: home.php");

	if(isset($_GET['order']))
	{
		$order = mysql_real_escape_string($_GET['order']);

		$result = mysql_query("SELECT * FROM order_record WHERE id = $order") or die(mysql_error());

		if(mysql_num_rows($result) == 0)
		{
			header("Location: verify-orders.php");
		}

		$row = mysql_fetch_array($result);

		mysql_query("UPDATE order_record SET complete = 0 WHERE id = $order");

		header("Location: verify-orders.php");
	}
	else
	{
		header("Location: verify-orders.php");
	}
?>